Ensure tenant ID is properly set for patients, users, invitations, and patient-subject links in InvitationService; add corresponding unit tests.

back001/modules/identity/src/main/kotlin/com/mosenioring/identity/service/InvitationService.kt

@@ -40,13 +40,15 @@ class InvitationService(
     @Transactional
     @PreAuthorize("hasRole('ADMIN')")
     fun createPatientInvite(email: String, createdByAdmin: String?): InviteCreationResult {
-        requireNotNull(TenantContext.getTenantId()) { "Missing tenant" }
+        val tenantId = TenantContext.getTenantId() ?: throw IllegalArgumentException("Missing tenant")
 
         val patient = Patient(UUID.randomUUID().toString(), generatePatientPlaceholderName())
+        patient.tenantId = tenantId
         val savedPatient = patientRepository.save(patient)
 
         keycloakProvisioningService.provisionUser(email, Invitation.ROLE_PATIENT)?.let { userId ->
             val user = User(userId, email, Invitation.ROLE_PATIENT, "INVITED")
+            user.tenantId = tenantId
             userRepository.save(user)
         }
         keycloakProvisioningService.sendSetPasswordEmail(email)
@@ -64,6 +66,7 @@ class InvitationService(
             acceptedBy = null,
             createdByAdmin = createdByAdmin
         )
+        invitation.tenantId = tenantId
         invitationRepository.save(invitation)
         return InviteCreationResult(token, invitation.expiresAt)
     }
@@ -103,6 +106,7 @@ class InvitationService(
                 throw IllegalArgumentException("Invitation email mismatch")
             }
             val newUser = User(authenticatedUserId, authenticatedEmail, invitation.role, "ACTIVE")
+            newUser.tenantId = TenantContext.getTenantId() ?: throw IllegalStateException("Missing tenant")
             userRepository.save(newUser)
         }
 
@@ -140,6 +144,7 @@ class InvitationService(
         val tenantId = TenantContext.getTenantId() ?: throw IllegalStateException("Missing tenant")
         if (!subjectRepository.existsByTenantIdAndPatientIdAndUserId(tenantId, patientId, userId)) {
             val link = PatientSubject(UUID.randomUUID().toString(), patientId, userId)
+            link.tenantId = tenantId
             subjectRepository.save(link)
         }
     }

back001/modules/identity/src/test/kotlin/com/mosenioring/identity/service/InvitationServiceTest.kt

@@ -79,6 +79,28 @@ class InvitationServiceTest {
         assertEquals(Invitation.STATUS_ACCEPTED, invitation.status)
         assertNotNull(invitation.acceptedAt)
         assertEquals(user, invitation.acceptedBy)
+        org.mockito.kotlin.verify(subjectRepository).save(org.mockito.kotlin.check {
+            assertEquals("t1", it.tenantId)
+        })
+    }
+
+    @Test
+    fun `creates patient invite with tenantId`() {
+        val email = "new@example.com"
+        whenever(patientRepository.save(any<Patient>())).thenAnswer { it.arguments[0] as Patient }
+        whenever(userRepository.save(any<User>())).thenAnswer { it.arguments[0] as User }
+        whenever(invitationRepository.save(any<Invitation>())).thenAnswer { it.arguments[0] as Invitation }
+
+        val result = service.createPatientInvite(email, "admin-1")
+
+        assertNotNull(result.token)
+        org.mockito.kotlin.verify(patientRepository).save(org.mockito.kotlin.check<Patient> {
+            assertEquals("t1", it.tenantId)
+        })
+        org.mockito.kotlin.verify(invitationRepository).save(org.mockito.kotlin.check<Invitation> {
+            assertEquals("t1", it.tenantId)
+            assertEquals(email, it.email)
+        })
     }
 
     @Test